Server Certificate [server.crt - not ca.crt] Has Expired
Posted: Fri Sep 02, 2022 5:03 pm
ORIGINAL TITLE: Certificate Has Expired
Hi,
So my vpn's ca certificate has expired. When a client tries to connect to the server, the client recieves the following error message: 'VERIFY ERROR: depth=0, error=certificate has expired'. I have attempted to renew the certifcate using:
Then I replace the current ca with ca_new in my server.conf. After restarting the server and recreating the client using the new ca_new.crt, I still get the same error that the certificate has expired. I am not sure what exactly is wrong, as openssl verifies that my new certificate should work with the prev_client.crt. Am I missing a step maybe?
Any help would be greatly appreciated. Thanks in advance!
EDIT: I believe my CA certificate is working just fine. How can I go about creating a server certificate (server.crt) which still allows the current clients to connect to?
Hi,
So my vpn's ca certificate has expired. When a client tries to connect to the server, the client recieves the following error message: 'VERIFY ERROR: depth=0, error=certificate has expired'. I have attempted to renew the certifcate using:
Code: Select all
openssl x509 -in ca.crt -days 36500 -out ca_new.crt -signkey ca.key
openssl verify -CAfile ca_new.crt prev_client.crt
prev_client.crt: OK
Any help would be greatly appreciated. Thanks in advance!
EDIT: I believe my CA certificate is working just fine. How can I go about creating a server certificate (server.crt) which still allows the current clients to connect to?